escape data on OPML import (take 2)
[tt-rss.git] / opml.php
1 <?
2 // FIXME there are some brackets issues here
3
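// Requested action: "Export" or "Import". The key is absent on a plain page
// load, so default to an empty string rather than reading a missing index.
$op = isset($_REQUEST["op"]) ? $_REQUEST["op"] : "";

// The XML prolog is sent before config.php and db.php are loaded, so anything
// those files print would land after the XML declaration in the export.
if ($op == "Export") {
    header("Content-type: application/xml");
    print "<?xml version=\"1.0\"?>";
}

require_once "config.php";
require_once "db.php";

// Shared database handle used by the Export branch.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

// PostgreSQL only: exchange text with the server as UTF-8 on this connection.
if (DB_TYPE == "pgsql") {
    pg_query($link, "set client_encoding = 'utf-8'");
}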
18
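// Export: write every stored feed as an OPML <outline> element.
if ($op == "Export") {
    print "<opml version=\"1.0\">";
    print "<head><dateCreated>" . date("r", time()) . "</dateCreated></head>";
    print "<body>";

    // Only the two columns that are written out are needed.
    $result = db_query($link, "SELECT title, feed_url FROM ttrss_feeds ORDER BY title");

    while ($line = db_fetch_assoc($result)) {
        // Stored titles and URLs are arbitrary text (they come from imported
        // files), so they must be entity-encoded before being placed inside a
        // double-quoted XML attribute. Otherwise a quote, '<' or '&' in a feed
        // title breaks the document or injects markup into the export.
        $title = htmlspecialchars($line["title"], ENT_QUOTES);
        $url = htmlspecialchars($line["feed_url"], ENT_QUOTES);

        print "<outline text=\"$title\" xmlUrl=\"$url\"/>";
    }

    print "</body></opml>";
}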
35
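/**
 * XML start-tag handler: imports one OPML outline element as a feed.
 *
 * Registered with xml_set_element_handler(); element and attribute names
 * arrive upper-cased because the parser is created with its default
 * case-folding setting. Elements other than OUTLINE, and outlines without
 * both a title and a feed URL, are ignored.
 *
 * Everything in $attrs comes from the uploaded file and is untrusted. It is
 * escaped with db_escape_string_2() before being placed in SQL, and
 * entity-encoded separately before being echoed into the HTML progress page.
 *
 * @param resource $parser the XML parser invoking the handler (unused)
 * @param string   $name   upper-cased element name
 * @param array    $attrs  upper-cased attribute name => value
 * @return void
 */
function startElement($parser, $name, $attrs) {

    if ($name != "OUTLINE") return;

    $raw_title = isset($attrs["TEXT"]) ? $attrs["TEXT"] : "";
    $raw_url = isset($attrs["XMLURL"]) ? $attrs["XMLURL"] : "";

    // Some exporters put the label in "title" instead of "text".
    if (!$raw_title && isset($attrs["TITLE"])) {
        $raw_title = $attrs["TITLE"];
    }

    // Decide before connecting: outlines without a feed URL (for example
    // folders) previously opened a connection and returned without closing it.
    if (!$raw_title || !$raw_url) return;

    // NOTE(review): the URL is stored as supplied; nothing here restricts it
    // to http/https. Confirm whether the code that fetches feeds validates it.

    /* this is suboptimal: one connection per outline element */

    $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

    if (!$link) return;

    // SQL-escaped copies are used only inside the queries below.
    $title = db_escape_string_2($raw_title, $link);
    $url = db_escape_string_2($raw_url, $link);

    if (!$title || !$url) {
        db_close($link);
        return;
    }

    // HTML context needs HTML encoding. The SQL-escaped strings are neither
    // safe nor correct to display, so encode the raw values for output.
    print "Feed <b>" . htmlspecialchars($raw_title, ENT_QUOTES) . "</b> (" .
        htmlspecialchars($raw_url, ENT_QUOTES) . ")... ";

    $result = db_query($link, "SELECT id FROM ttrss_feeds WHERE " .
        "title = '$title' OR feed_url = '$url'");

    if ($result && db_num_rows($result) > 0) {

        print " Already imported.<br>";

    } else {

        $result = db_query($link, "INSERT INTO ttrss_feeds (title, feed_url) VALUES " .
            "('$title', '$url')");

        print "<b>Done.</b><br>";

    }

    db_close($link);
}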
82
/**
 * XML end-tag handler. Intentionally a no-op: it exists only because
 * xml_set_element_handler() is given a start and an end callback.
 *
 * @param resource $parser the XML parser invoking the handler (unused)
 * @param string   $name   element name (unused)
 * @return void
 */
function endElement($parser, $name) {
    // nothing to do on closing tags
}
87
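// Import: parse an uploaded OPML file and add each outline as a feed.
if ($op == "Import") {

    // NOTE(review): no login/session or request-origin check is visible in
    // this file. Confirm that access to the import is restricted elsewhere.

    print "<html>\n" .
        "<head>\n" .
        "<link rel=\"stylesheet\" href=\"opml.css\" type=\"text/css\">\n" .
        "</head>\n" .
        "<body><h1>Importing OPML...</h1>\n" .
        "<div>";

    if (WEB_DEMO_MODE) {
        print "OPML import is disabled in demo-mode.";
        print "<p><a class=\"button\" href=\"prefs.php\">\n" .
            "Return to preferences</a></div></body></html>";

        return;
    }

    // Take the temp path only if the upload field is present and scalar.
    $upload = "";

    if (isset($_FILES['opml_file']['tmp_name']) &&
            is_string($_FILES['opml_file']['tmp_name'])) {
        $upload = $_FILES['opml_file']['tmp_name'];
    }

    // is_uploaded_file() confirms the path was produced by PHP's upload
    // handling for this request; is_file() would accept any readable path.
    if ($upload && is_uploaded_file($upload)) {

        $fp = fopen($upload, "r");

        if ($fp) {

            $xml_parser = xml_parser_create();

            xml_set_element_handler($xml_parser, "startElement", "endElement");

            // Loop on feof() so the parser always receives a final call, even
            // when the file length is an exact multiple of the chunk size.
            // Truncated or empty uploads are then reported as parse errors.
            while (!feof($fp)) {

                $data = fread($fp, 4096);

                if ($data === false) break;

                if (!xml_parse($xml_parser, $data, feof($fp))) {

                    print sprintf("Unable to parse OPML file, XML error: %s at line %d",
                        xml_error_string(xml_get_error_code($xml_parser)),
                        xml_get_current_line_number($xml_parser));

                    // Fall through to the cleanup and shared footer below
                    // instead of returning with the parser and file open.
                    break;
                }
            }

            xml_parser_free($xml_parser);
            fclose($fp);

        } else {
            print("Error: Could not open OPML input.");
        }

    } else {
        print "Error: please upload OPML file.";
    }

    print "<p><a class=\"button\" href=\"prefs.php\">\n" .
        "Return to preferences</a>";

    print "</div></body></html>";

}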
148
149 // if ($link) db_close($link);
150
151 ?>